v0.0.11.post2
Post-release hardening for the direct Ceph provider clients (Dashboard / RGW /
RBD), the Ceph write domain, and the SSL/auth layer. No breaking changes;
drop-in for v0.0.11.post1.
Fixes
- Capability gating no longer fails open.
ProviderCapability.supports()
now reports an unknown write-like operation as unsupported instead of
defaulting to "writable". Callers that gate destructive operations on
capability detection are no longer cleared for operations a provider never
declared. Read queries still resolve via the provider's read capability. - RGW quota writes sign correctly. The S3 Signature v2 signature for
set_user_quota/set_bucket_quotanow folds thequotasub-resource into
the signed canonical resource, so these requests are accepted by RGW
deployments that validate sub-resources. - Injected HTTP transports are no longer closed by the provider. A transport
supplied by the caller (and potentially shared across clients) is left open;
only provider-owned transports are closed onclose(). - Ceph task helpers validate the returned task id. The Proxmox VE Ceph write
helpers verify the API returned a task UPID string and raise a clear error
otherwise, instead of returning a mistyped value.
Improvements
- RGW user listing fetches users concurrently for faster inventory on large
clusters. - The async HTTP transport builds its TLS context once instead of per request.
- The destructive-operation confirmation gate is consolidated into a single
shared helper. - Tighter return-type and async context-manager annotations across the provider
clients.
Compatibility
- Python >= 3.11. Same Proxmox VE schema support as v0.0.11 (latest / 9.2 /
9.1.11). No API or configuration changes are required to upgrade.
Validation: lint, type-check, and the full test matrix (Python 3.11/3.12/3.13 ×
schemas latest/9.2/9.1.11) are green; the release pipeline stages and validates
the package on TestPyPI before publishing to PyPI.